Google SSL Requirements Potentially Affect Search Engine Results Pages

Google SSL Requirements Potentially Affect Search Engine Results Pages

On August 6, 2014 Google released a blog post which discussed a move towards Secure Socket Layer (SSL) requirements for all websites. Googles purpose was to protect searchers from malicious attackers. They wanted to use SSL to assure authentication, data integrity and encryption of website data to protect those searching the internet. In conjunction with the former, Google provided best practices for webmasters in order to ensure compliance with Google standards. So, what does all of this mean to the laymen?

It essentially means that your site needs to move toward SSL encryption in order to meet Googles requirements or your sites search engine results will be affected. According to Google and I quote, “they started running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms.” This means that Search Engine Results Pages (SERP’s) are definitely affected by a sites lack of security.

For those sites that do not have a SSL certificate, but have had a stable placement within the search engine rankings, things will change. For those who struggle to upgrade their ranking, this is just another hurdle to jump. Some people have suggested that there are some sites that do not need SSL because of the nature of their business. Those who support SSL reply with a clear belief that any data transmitted should be protected. Since the announcement of this new direction, many SSL users say that they’ve seen a spike in their rankings. While non SSL users say this is just a bonanza for the SSL issuance authorities and the effects on SERP’s have been minimal. In essence, the relationship of SSL’s and SERP’s were determined by Google when they decided to add SSL to the ranking algorithms. It is very clear that SERP’s are affected by SSL. Nevertheless, whatever side you fall on, Google is a necessary evil for most business owners, therefore compliance is a must. If you don’t want your site deemed as unsafe or moved down the rankings list, this issue should be on your mind.

How can you move towards compliance? How can you ensure that your site is not demoted because of a lack of security? The answers may be much easier than you think.

  1. The easiest way to make this a non-issue is to host with a service that gives SSL by default. For instance, Qdhosts gives all of their clients SSL certificates and even auto installs them. This means that clients on this type of service do not need to do anything because they are for the most part “in compliance” if their site structure is correct.
  2. You can also download and install a free SSL certificate depending on the kind of site you have. Simply do a search on free SSL certificates and a list will come up.
    1. Letsencrypt
    2. Comodo
    3. InstantSSL

These are just a few of the companies you will find.

  1. You can also purchase a SSL certificate for about $10-$12.
    1. Qdhosts
    2. Comodo
    3. Geotrust

These are just a few of the companies that sell SSL certificates.

Keep in mind, in most cases you will have to install the SSL certificate yourself. However, once you’ve installed your certificate, you should be ready to go. You can test your sites SSL setup and configuration. Just go to Qualys SSL Labs. Qualys will grade your SSL setup. You can even find out about any errors or changes that need to be made.

Don’t fret too much about the SSL requirements because getting in compliance is easier than you think. Remember there is help out there. If you need more details on SSL certificates and install please read our blog called understanding SSL.

Understanding Secure Socket Layer (SSL)

What is SSL?

SSL is an acronym for Secure Socket Layer. A SSL helps to encrypt data over a computer network. On the web this is handled through a purchase or download of a certificate that contains an encryption key which is installed on the webserver who handles client requests.

How do HTTPS and SSL work together?

HTTPS is an acronym for Hyper Text Transfer Protocol Secure. The HTTP protocol uses the SSL certificate to encrypt the communication between client and server. When a client types HTTPS in front of the domain, the connection is secured.

How do I know if my security certificate is active?

SSL SECURE
SSL SECURE

Fire Fox and Chrome

In the uniform resource locator (URL) field off the left of the domain name, you should see a green lock next to it. If you do not see this, something is wrong and your connection is NOT secure.

Safari

In the uniform resource locator (URL) field off the left of the domain name, you should see a lock next to it. If you do not see this, something is wrong and your connection is NOT secure.

Internet Explorer

In the uniform resource locator (URL) field off the right of the domain name, you should see a lock next to it. If you do not see this, something is wrong and your connection is NOT secure.

NOTE: You can click on the lock to look at the details of the SSL certificate and validate that it belongs to the site that you are on.

How do I install a SSL certificate?

The installation of an SSL certificate depends on the hosting company you are using. In general, the customer finds the place they want to purchase the SSL from. You generate and supply your signing request. The SSL certificate is then created based on that request and sent back to the customer. Once you receive the SSL certificate, you install it on your server through your hosting panel. Qdhosts has a video on how to create a CSR and you can check it out here.

Why is the so important?

If you are in business, your customer’s security along with your company’s security should be your top priority. Keep in mind, that most sites collect address and financial information which MUST be protected. In order to do this, you need to install security. This encrypts the data and makes it private. An insecure site can cost you money and trust. Why not protect against this with a low cost SSL certificate which protects everyone involved?

What if I install my certificate and find that I have errors on my site that are preventing it from working properly?

The most common reason your SSL could be throwing off errors is because you are sending non secure items into a secure page. One of the easiest ways to track this issue down is to use Chrome and hit Ctrl + Shift + J. The console will give you an idea of what could be causing your SSL issues. If you are code savvy, you can track down the culprit and correct your issues. If not, there are companies that can do this for a nominal fee including Qwoffices. Trust me, getting your security up and running correct can only benefit you and your reputation.

Q. Williams
Qwoffice.com (A Quadjam Enterprises Company)